Research On Trusted Storage Model And Architecture Of Storage Devices In The Classified Environment

Storage security has been the core issue of information security, especially for the military, national institutions, major commercial institutions with more areas of secret data. Once sensitive data is stolen, its loss is sometimes incalculable. Current information security defense for security issues of the storage appeared polarization. One pole is defense strategy software trend of the secret department, the other pole is defense strategy hardware trend of the storage device manufacturers. Existing secret corresponding computer systems mostly use secret media management system software limits the use of protable storage devices, while relying on BISO, operating system, hard drive tri-level password system to ensure operating system security.The storage device manufacturers are seeking storage hardware-based solutions, the basic approach is to rely on hardware encryption. But both approaches are flawed. Theory of trusted computing and trusted computing technologies gradually mature at home and abroad, in particular, the development of trusted computing technologies of domestic achieves the trusted storage possibility. National information security expert, academician Shen Chang-xiang first proposed the idea of trusted storage does not rely on encryption. According to the thinking of academician Shen Chang-xiang , the main topic of this article is that, how to use trusted computing technologies and integrate trusted computing notion in the storage to achieve trusted storage.This paper, for the storage security of classified environment, and confidential security needs of electronic documents in classified environment, applied trusted computing technologies and theory to the storage area, in response to the three major security threat, achieved their goals of protecting sensitive data. This paper studied TCG Storage Architecture Core Specification at first, and drew on their advantages and disadvantages. then maked BLP model as a prototype, designed the trusted storage model in classified environment. after based on the model designed trusted storage device architecture in the classified environment. This paper depicted from the actual security needs, learning advanced experiences, constructing a theoretical model using formal methods to model-based storage architecture design. In this paper, research results and innovation are in the following areas: (1) depiction of the TCG Storage Architecture Core Specification for a more detailed description, especially the analysis of its shortcomings and worthy learning aspects. (2) the build of the trusted storage model in classified environment, based on the demand scenario of trusted storage, and based on the basic idea of BLP model. (3) based on the trusted storage model in classified environment, designed trusted storage architecture and described the interaction between entities in specific application environment, in particular, solved the difficult problem of issuing the trusted storage devices.The expectation of this paper is that, it could play a stimulating role in the normative work of trusted storage in china, and it could play an active role in the work of perfect classified department's computers and classified media management system.